threat-intelligence

GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX

• application-security
• malware
• ransomware
• supply-chain
• threat-intelligence
• threat-management

GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX

Laura French April 28, 2026

A new cluster of 73 extensions impersonating legitimate projects has been tied to the GlassWorm campaign.

Read More Read more about GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX

Tropic Trooper targets Chinese speakers with SumatraPDF trojan and VS Code tunnels

• malware
• threat-intelligence

Tropic Trooper targets Chinese speakers with SumatraPDF trojan and VS Code tunnels

SC Staff April 27, 2026

The campaign, attributed with high confidence to the persistent threat group Tropic Trooper, utilizes a custom AdaptixC2...

Read More Read more about Tropic Trooper targets Chinese speakers with SumatraPDF trojan and VS Code tunnels

Fast16 malware: Pre-Stuxnet sabotage tool discovered

• malware
• security-operations
• threat-intelligence

Fast16 malware: Pre-Stuxnet sabotage tool discovered

SC Staff April 27, 2026

Fast16, referenced in a 2005 ShadowBrokers leak of NSA tools, utilized a Lua 5.0 virtual machine embedded...

Read More Read more about Fast16 malware: Pre-Stuxnet sabotage tool discovered

French police arrest hacker ‘HexDex’ for alleged widespread data theft

• data-security
• security-operations
• threat-intelligence

French police arrest hacker ‘HexDex’ for alleged widespread data theft

SC Staff April 27, 2026

The investigation began in late December 2025 following approximately 100 reports of data theft.

Read More Read more about French police arrest hacker ‘HexDex’ for alleged widespread data theft

BlackFile hackers target retail, hospitality with vishing and data extortion

• data-security
• phishing
• threat-intelligence

BlackFile hackers target retail, hospitality with vishing and data extortion

SC Staff April 27, 2026

BlackFile initiates attacks through voice phishing (vishing) calls, using spoofed numbers to impersonate IT support.

Read More Read more about BlackFile hackers target retail, hospitality with vishing and data extortion

Medtronic says cyberattack did not disrupt its operations

• threat-intelligence
• threat-management

Medtronic says cyberattack did not disrupt its operations

Steve Zurier April 27, 2026

Attack raised concerns because it was second one on a major medical device maker since the Iran...

Read More Read more about Medtronic says cyberattack did not disrupt its operations

‘AiFrame’ browser attacks continue with fake authenticator, converter extensions

• aiml
• application-security
• identity
• phishing
• threat-intelligence

‘AiFrame’ browser attacks continue with fake authenticator, converter extensions

Laura French April 24, 2026

The malicious extensions inject iframes to display phishing content and extract other data.

Read More Read more about ‘AiFrame’ browser attacks continue with fake authenticator, converter extensions

Cambodian senator, others hit with US sanctions over scam allegations

• threat-intelligence

Cambodian senator, others hit with US sanctions over scam allegations

SC Staff April 24, 2026

The U.S. Treasury Department has sanctioned Cambodian Senator Kok An, along with 28 individuals and entities, over...

Read More Read more about Cambodian senator, others hit with US sanctions over scam allegations

Ransomware supply chain untangled by RAMP forum leak

• ransomware
• threat-intelligence

Ransomware supply chain untangled by RAMP forum leak

SC Staff April 24, 2026

Security Affairs reports that prolific Russian dark web forum and ransomware network RAMP has suffered a major...

Read More Read more about Ransomware supply chain untangled by RAMP forum leak

Checkmarx supply chain hack impacts Bitwarden CLI

• devsecops
• identity
• supply-chain
• threat-intelligence

Checkmarx supply chain hack impacts Bitwarden CLI

SC Staff April 24, 2026

Bitwarden CLI was reported by Socket and JFrog researchers to have been affected by the TeamPCP-linked supply...

Read More Read more about Checkmarx supply chain hack impacts Bitwarden CLI